At 21:54 2004-07-09 +0100, Ian Grigg wrote:
John Gilmore wrote:
It would be relatively easy to catch someone
doing this - just cross-correlate with other
information (address of home and work) and
then photograph the car at the on-ramp.

Am I missing something? It seems to me that EZ Pass spoofing should become as popular as cellphone cloning, until they change the protocol. You pick up a tracking number by listening to other peoples' transmissions, then impersonate them once so that their account gets charged for your toll (or so that it looks like their car is traveling down a monitored stretch of road). It should be easy to automate picking up dozens or hundreds of tracking numbers while just driving around; and this can foil both track-the-whole-populace surveillance, AND toll collection. Miscreants would appear to be other cars; tracking them would not be feasible.

Well, I am presuming that ... the EZ Pass does have an account number, right? And then, the car does have a licence place?

So, just correlate the account numbers
with the licence plates as they go through
the gates.

If they could do that reliably, they wouldn't need the toll thingy, nu? I have been told by someone in the photo-enforcement industry that their reliability is only around 75%, and they're very expensive, and ... anyway, not a viable solution to the problem given the current economics. But to a weekly commuter over one of the bridges in New York, for example, it's $1000 per year.


What incentive does a miscreant have to
reprogram hundreds or thousands of other
cars???

Until recently, when viruses and worms started to be used to assist spamming, what incentive did a miscreant have to invade hundreds or thousands of computers?


Greg.

Greg Rose                                    INTERNET: [EMAIL PROTECTED]
Qualcomm Australia       VOICE:  +61-2-9817 4188   FAX: +61-2-9817 5199
Level 3, 230 Victoria Road,             http://people.qualcomm.com/ggr/
Gladesville NSW 2111/232B EC8F 44C6 C853 D68F  E107 E6BF CD2F 1081 A37C

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to